CVE-2014-1737

CWE-754 | 21 documents | 8 sources
Severity
7.2 HIGH
EPSS
0.0%
top 86.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: May 11
Latest update: May 13

Description

The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device.

CVSS vector

AV:L/AC:L/C:C/I:C/A:C
Exploitability: 3.9 | Impact: 10.0

Affected Packages: 8 packages

NVD: linux/linux_kernel 3.33.4.90+4
Debian: linux < 3.14.4-1+3
Ubuntu: linux < 3.13.0-27.50
NVD: oracle/linux 5, 6+1

Also affects: Debian Linux 6.0, 7.0, Enterprise Linux 5.6, 6.3

🔴 Vulnerability Details

5
GHSA
GHSA-vmrj-8qgc-5x6c: The raw_cmd_copyin function in drivers/block/floppy (2022-05-13)
OSV
linux vulnerabilities (2014-05-27)
OSV
CVE-2014-1737: The raw_cmd_copyin function in drivers/block/floppy (2014-05-11)
OSV
CVE-2014-1737: The raw_cmd_copyin function in drivers/block/floppy (2014-05-11)
CVEList
CVE-2014-1737: The raw_cmd_copyin function in drivers/block/floppy (2014-05-11)

📋 Vendor Advisories

13
Ubuntu
Linux kernel (Trusty HWE) vulnerabilities (2014-06-27)
Ubuntu
Linux kernel (Saucy HWE) vulnerabilities (2014-05-27)
Ubuntu
Linux kernel (OMAP4) vulnerabilities (2014-05-27)
Ubuntu
Linux kernel (Quantal HWE) vulnerabilities (2014-05-27)
Ubuntu
Linux kernel vulnerabilities (2014-05-27)

💬 Community

2
Bugzilla
CVE-2014-1738 CVE-2014-1737 kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command [fedora-all] (2014-05-09)
Bugzilla
CVE-2014-1737 CVE-2014-1738 kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command (2014-05-05)